Recently, new security vulnerabilities have been discovered in number of 3rd party Magento extensions. The latest one is the security issue in Vladimir Popov Webforms extension that allows attacker to inject a script that enables uploading any file to server through URL and browser. Updating module to the latest version is advised, but it is not enough in case your website has already been hacked.
To make sure you are safe from the latest vulnerabilities, we have added new malware definitions to the MageFence base. In order to keep your website secure, you will need to check your website for malware and make sure that your website has not been infected.
To check your website for malware log into your Magento Admin Panel, then go to MageFence->Check and Protect->File Protection and click “Check website”.
If you find any issues, please contact us at firstname.lastname@example.org